148.66.145.133

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: GoDaddy.com

Hostname: unknown

Organization: GoDaddy.com, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	xmlrpc attack	2020-03-31 22:34:24
attackbots	xmlrpc attack	2019-10-03 01:04:36
attackbotsspam	fail2ban honeypot	2019-10-01 07:28:35
attackspam	Automatic report - Banned IP Access	2019-09-29 22:28:42
attackbots	fail2ban honeypot	2019-09-29 01:11:10

Comments on same subnet:

IP	Type	Details	Datetime
148.66.145.158	attackspam	$f2bV_matches	2020-04-15 22:01:04
148.66.145.30	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-05 10:08:25
148.66.145.155	attack	xmlrpc attack	2020-03-23 08:18:59
148.66.145.42	attackspam	Wordpress_xmlrpc_attack	2020-03-22 22:45:09
148.66.145.152	attackbots	xmlrpc attack	2020-03-21 05:04:53
148.66.145.2	attackbots	Mar 16 23:36:07 mercury wordpress(www.learnargentinianspanish.com)[1450]: XML-RPC authentication failure for josh from 148.66.145.2 ...	2020-03-17 09:40:54
148.66.145.28	attackspam	Automatic report - XMLRPC Attack	2020-02-15 15:26:58
148.66.145.146	attackspambots	SCHUETZENMUSIKANTEN.DE 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36" schuetzenmusikanten.de 148.66.145.146 \[12/Nov/2019:07:28:50 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4285 "-" "Mozilla/5.0 $Windows NT 10.0\; Win64\; x64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/60.0.3112.113 Safari/537.36"	2019-11-12 17:17:24
148.66.145.28	attackspambots	Automatic report - XMLRPC Attack	2019-10-29 20:23:24
148.66.145.165	attackspambots	148.66.145.165 has been banned for [WebApp Attack] ...	2019-10-26 18:28:54
148.66.145.25	attackbots	Automatic report - Banned IP Access	2019-10-20 23:50:09
148.66.145.134	attackspam	miraklein.com 148.66.145.134 \[02/Oct/2019:23:27:24 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 439 "-" "WordPress" miraniessen.de 148.66.145.134 \[02/Oct/2019:23:27:25 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4214 "-" "WordPress"	2019-10-03 07:10:28
148.66.145.134	attack	xmlrpc attack	2019-07-24 13:12:52
148.66.145.154	attackbotsspam	xmlrpc attack	2019-07-16 07:36:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.66.145.133
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16350
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.66.145.133.			IN	A

;; AUTHORITY SECTION:
.			2039	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 00:30:50 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 133.145.66.148.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 133.145.66.148.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.116.244.178	attackbots	Hits on port : 8000	2020-05-15 04:14:58
92.63.194.106	attackspam	May 14 22:11:24 ArkNodeAT sshd\[31566\]: Invalid user user from 92.63.194.106 May 14 22:11:24 ArkNodeAT sshd\[31566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.106 May 14 22:11:26 ArkNodeAT sshd\[31566\]: Failed password for invalid user user from 92.63.194.106 port 35701 ssh2	2020-05-15 04:27:13
27.155.100.58	attack	May 14 14:17:11 legacy sshd[23284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.155.100.58 May 14 14:17:13 legacy sshd[23284]: Failed password for invalid user webmin from 27.155.100.58 port 48434 ssh2 May 14 14:20:20 legacy sshd[23526]: Failed password for root from 27.155.100.58 port 37660 ssh2 ...	2020-05-15 04:02:50
185.176.27.98	attack	05/14/2020-14:54:03.918233 185.176.27.98 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-15 04:13:23
190.44.187.174	attackspam	May 14 21:38:46 ns382633 sshd\[3874\]: Invalid user squid from 190.44.187.174 port 56033 May 14 21:38:46 ns382633 sshd\[3874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.44.187.174 May 14 21:38:48 ns382633 sshd\[3874\]: Failed password for invalid user squid from 190.44.187.174 port 56033 ssh2 May 14 21:52:44 ns382633 sshd\[6416\]: Invalid user couchdb from 190.44.187.174 port 28372 May 14 21:52:44 ns382633 sshd\[6416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.44.187.174	2020-05-15 04:02:24
36.89.251.105	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 18 - port: 25734 proto: TCP cat: Misc Attack	2020-05-15 04:34:50
120.53.1.97	attackbots	" "	2020-05-15 04:15:25
14.207.201.96	attack	20/5/14@14:38:41: FAIL: Alarm-Network address from=14.207.201.96 ...	2020-05-15 04:21:30
210.74.13.5	attack	May 14 20:53:45 srv01 sshd[13312]: Invalid user ubuntu from 210.74.13.5 port 38120 May 14 20:53:45 srv01 sshd[13312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.74.13.5 May 14 20:53:45 srv01 sshd[13312]: Invalid user ubuntu from 210.74.13.5 port 38120 May 14 20:53:47 srv01 sshd[13312]: Failed password for invalid user ubuntu from 210.74.13.5 port 38120 ssh2 May 14 20:58:11 srv01 sshd[13453]: Invalid user testftp from 210.74.13.5 port 34640 ...	2020-05-15 04:27:35
54.38.242.206	attackbots	Invalid user t3bot from 54.38.242.206 port 51678	2020-05-15 04:21:00
85.49.196.156	attack	[Thu May 14 07:54:55 2020] - Syn Flood From IP: 85.49.196.156 Port: 42514	2020-05-15 04:31:19
201.25.189.73	attackspambots	Automatic report - Port Scan Attack	2020-05-15 04:35:57
62.24.196.138	attack	May 14 13:12:38 \| ATTACK Detected: SPI attack from WAN (ip:62.24.196.138) detected. Packet dropped. May 14 13:12:18 \| ATTACK Detected: SPI attack from WAN (ip:62.24.196.138) detected. Packet dropped. May 14 13:12:16 \| ATTACK Detected: SPI attack from WAN (ip:62.24.196.138) detected. Packet dropped.	2020-05-15 03:56:26
70.35.201.143	attackspambots	Invalid user service from 70.35.201.143 port 39104	2020-05-15 04:32:06
202.90.199.206	attackspambots	Invalid user test from 202.90.199.206 port 35294	2020-05-15 03:59:29

Recently Reported IPs

144.106.124.126	104.97.249.146	113.180.89.193	82.117.54.250
85.226.196.251	75.73.165.69	198.163.95.125	188.225.37.86
110.89.237.121	36.219.35.32	181.56.225.43	200.59.102.209
138.0.7.201	182.85.192.96	44.158.214.188	185.31.120.84
71.207.81.172	35.27.113.61	37.200.157.137	164.71.229.70